Commit Graph

5680 Commits

Author SHA1 Message Date
Roeland Jago Douma 8d4346d656
Fix more tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma bc16b05243
Fix signCoretests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma 305481688b
SignApp fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma ef4b59d341
More fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma 799f58391e
More fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma 3aa5f105fa
Fix more tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma 385ec2947d
Skip redis if not configured
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma c007ca624f
Make phpunit8 compatible
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma 0532f8116d
Merge pull request #18019 from nextcloud/enhancement/password-policy-events
Add typed events for password_policy
2019-11-27 11:11:17 +01:00
blizzz d2f9deba51
Merge pull request #17834 from nextcloud/enh/noid/generic-event-replacement-tk2
Public API's GenericEvent replacement (take 2)
2019-11-27 10:50:07 +01:00
Christoph Wurst 1a886b1472
Add typed events for password_policy
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-27 09:56:12 +01:00
Roeland Jago Douma d09f8c7423
Merge pull request #17939 from nextcloud/fix/token-insert-conflict-handling
Handle token insert conflicts
2019-11-26 19:47:59 +01:00
Arthur Schiwon fc16b09a2c
Files first to use own GenericEvent
* those are added to 18 only anyway :)

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-26 14:48:59 +01:00
Roeland Jago Douma b607e3e6f4
Merge pull request #17948 from nextcloud/enh/check-if-property-is-bool
Make isXXX available for bool properties only
2019-11-26 12:25:36 +01:00
Christoph Wurst 0299ea0a96
Handle token insert conflicts
Env-based SAML uses the "Apache auth" mechanism to log users in. In this
code path, we first delete all existin auth tokens from the database,
before a new one is inserted. This is problematic for concurrent
requests as they might reach the same code at the same time, hence both
trying to insert a new row wit the same token (the session ID). This
also bubbles up and disables user_saml.

As the token might still be OK (both request will insert the same data),
we can actually just check if the UIDs of the conflict row is the same
as the one we want to insert right now. In that case let's just use the
existing entry and carry on.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-26 12:07:12 +01:00
Robin Appelman 74c6beb603
dont set folder size to negative values during propagation
normally this shouldn't be a problem, but cache/storage desync might cause this
so this adds some failsafe to ensure we dont corrupt the cache further

the minimum value is set to -1 instead of 0 in order to triger a background scan
on the folder and figure out the size properly

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-26 12:05:30 +01:00
Robin Appelman 9e450d727a
add LEAST and GREATER to db function builder
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-26 12:05:30 +01:00
blizzz b1dffc5c2d
Merge pull request #17896 from nextcloud/fix/noid/consider-create-group-result
take group creation result into consideration
2019-11-25 17:16:40 +01:00
Arthur Schiwon 7b1eedb11e
take group creation result into consideration
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-25 14:01:20 +01:00
Roeland Jago Douma 68748d4f85
Some php-cs fixes
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-22 20:52:10 +01:00
Roeland Jago Douma 3c1bcd551d
Fix the tests after #18029
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-21 22:31:45 +01:00
Roeland Jago Douma 5c4b2a2436
Merge pull request #18029 from nextcloud/feature/public-post-login-event
Make the post login event public
2019-11-21 12:39:42 +01:00
Daniel Calviño Sánchez f402e23448 Accept incoming shares in acceptance tests
Incoming shares are no longer automatically added to the file list of
the sharee. Instead, the user now needs to explictly accept the share.

Currently shares can be accepted only from the Notifications app, so it
must be explicitly cloned before installing Nextcloud if it is not found
in the "apps" directory. Note that the development branches are already
built, so there is no need to explicitly build the app.

With the new sharing behaviour the "share a skeleton file with another
user before first login" scenario is no longer valid (as the user will
need to log in to accept the share, so at that point the skeleton is
already created), so it was removed.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-11-20 21:15:46 +01:00
Daniel Calviño Sánchez 0abff19aa9 Rename "Notification" to "Toast"
Since Nextcloud 17 the proper name for the old built-in notifications is
"Toast". Moreover, this will reduce ambiguity when using the
"notification" term to refer to elements in the Notifications app.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-11-20 21:15:46 +01:00
Roeland Jago Douma da25ed997e
Do not check for updates if we have no internet
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 19:30:59 +01:00
Christoph Wurst 535000aac6
Make the post login event public
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-20 18:43:09 +01:00
Roeland Jago Douma b367027798
Do pagination on the dummy group backend
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 08:08:01 +01:00
Roeland Jago Douma 1bd688a9d1
Use dummy backend in test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-18 11:54:26 +01:00
Roeland Jago Douma a184e350d7
Merge remote-tracking branch 'origin/master' into filecache-extension 2019-11-18 11:06:17 +01:00
Daniel Kesselberg a27c10daa6
Make isXXX available for bool properties only
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-11-16 00:39:48 +01:00
Roeland Jago Douma 54eb27dab2
Update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-13 20:43:20 +01:00
RussellAult 19791b2460
Check getRedirectUri() for queries
Resolves Issue #17885

Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'.

Signed-off-by: RussellAult <russellault@users.noreply.github.com>
2019-11-13 14:05:03 +01:00
Robin Appelman 066faaec05
fix folder delete
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:46 +01:00
Robin Appelman 43fa746ad9
dont create empty filecache extended rows
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:43 +01:00
Robin Appelman 1b6e647b63
expose filecache extension data in FileInfo
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:32 +01:00
Robin Appelman 842da3f183
store filecache extension fields
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 11:30:44 +01:00
Daniel Calviño Sánchez 2f49806c20 Add unit tests for "getAllShares()"
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-10-30 14:27:41 +01:00
John Molakvoæ (skjnldsv) 12eba18bdf Adjust acceptance tests to new OCA.Sidebar
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-29 13:20:08 +01:00
John Molakvoæ (skjnldsv) ea6f423e2c Extend data returned when searching remote shares
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-29 12:55:59 +01:00
Roeland Jago Douma 2cf068463f
Harden middleware check
These annotations will allow for extra checks. And thus make it harder
to break things.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-25 15:44:37 +02:00
Daniel Calviño Sánchez 81d0b70791 Run acceptance tests on PHP 7.3
There is no difference (as far as I know) between running the acceptance
tests on PHP 7.1 or on PHP 7.3; this is simply a preparatory step to be
ready when PHP 7.1 support is dropped in Nextcloud server.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-10-22 16:48:55 +02:00
Roeland Jago Douma 5122629bb0
Make renewSessionToken return the new token
Avoids directly getting the token again. We just inserted it so it and
have all the info. So that query is just a waste.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-09 10:10:37 +02:00
Roeland Jago Douma 075a0b24d5
Merge pull request #17431 from johkoenig/bugfix/17377/trusted_domain_helper_case_insensitive
make TrustedDomainHelper case insensitive
2019-10-08 08:51:11 +02:00
Roeland Jago Douma a02a626606
Merge pull request #17411 from kinolaev/fix-oauth2-redirect
Fix oauth client redirect
2019-10-07 12:03:52 +02:00
Johannes Koenig 2df8d646c1 make TrustedDomainHelper case insensitive
Signed-off-by: Johannes Koenig <mail@jokoenig.de>
2019-10-06 20:43:55 +02:00
Sergej Nikolaev 1b5d85a4ca fix oauth client redirect
Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
2019-10-04 21:09:13 +03:00
John Molakvoæ 6d819e2820
Fix master testing and update eslint-config (#17367)
Fix master testing and update eslint-config
2019-10-04 08:18:13 +02:00
John Molakvoæ (skjnldsv) 4293ede565
Fix tag acceptance tests after #16682
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-04 07:48:45 +02:00
Tim Terhorst 2ad33bc06e Add Fatal logging option
Signed-off-by: Tim Terhorst <mynamewastaken+gitlab@gmail.com>
2019-10-02 21:18:29 -05:00
blizzz 47ab961aa7
Merge pull request #17001 from nextcloud/fix/noid/addressbookchanges-avatar
reduce adressbook change events and handling
2019-10-01 12:17:35 +02:00
Christoph Wurst de6940352a Move settings to an app
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-28 09:39:28 +00:00
John Molakvoæ (skjnldsv) f737dc9a86 Remove input id on login form
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-28 08:15:03 +00:00
Roeland Jago Douma cc6874df19
Merge pull request #17264 from nextcloud/move-from-storage-wrappers
handle moveFromStorage within the same storage even when storage wrap…
2019-09-26 15:48:59 +02:00
Roeland Jago Douma 6ac67011f4
Merge pull request #17262 from nextcloud/objectstore-remove-cache-on-delete
dont delete cache entries if deleting an object from object store failed
2019-09-26 11:24:02 +02:00
Robin Appelman 35f317df7b
handle moveFromStorage within the same storage even when storage wrappers are applied to the source storage
the target storage doesn't need additional handling for wrappers as the wrappers implementation of moveFromStorage already deals with that

Any storage based on local storage isn't affected by this as local storage already has it's own way of handling with this

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 19:17:06 +02:00
Robin Appelman 733d4b6cca
dont delete cache entries if deleting an object from object store failed
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 18:09:45 +02:00
Roeland Jago Douma 210a0554a2
Use the actual password to update the tokens
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-18 19:50:58 +02:00
Greta Doci 68ef242a0a
Fixed the SecurityTest error
Signed-off-by: Greta Doci <gretadoci@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-15 12:04:28 +02:00
Greta Doci 4ff7551574
Fixed the test
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-09-15 12:04:28 +02:00
Roeland Jago Douma 2b98eea129
Harden identifyproof openssl code
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-14 13:52:10 +02:00
Christoph Wurst a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-12 14:44:55 +02:00
Roeland Jago Douma 2187f856ce
Merge pull request #16682 from nextcloud/enh/12790/workflow-backend
workflow overhaul
2019-09-11 13:14:06 +02:00
Roeland Jago Douma 41cbb05aea
Split personal security settings in code
Instead of one big monolitic sections this is the first step in breaking
down the settings. This should make is easiet to see what does what. As
well as nicely splitting up the sections.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-10 16:22:41 +02:00
Arthur Schiwon 1cc6f34d88
adapt file hooks test to eventdispatcher utilization
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-09 23:28:51 +02:00
Roeland Jago Douma bf6082e119
Merge pull request #16836 from nextcloud/fix/16724/smb-availability
Fix SMB availability status + higher delay on auth issues
2019-09-09 16:50:42 +02:00
Roeland Jago Douma 1cfb851300
Merge pull request #17006 from nextcloud/querybuilder-max-min
add MAX and MIN to functionbuilder
2019-09-07 11:09:11 +02:00
Robin Appelman 8ef5a366ec
add MAX and MIN to functionbuilder
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-06 12:28:17 +02:00
Roeland Jago Douma 0ff08810d9
Log/FileTest does not require the DB
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-04 20:41:12 +02:00
Arthur Schiwon d33e0be2f1
adjust test expectations
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-04 13:46:56 +02:00
Roeland Jago Douma 2fdf946dae
Merge pull request #16454 from nextcloud/bugfix/noid/sharelink-shouldnt-open-menu-automatically
Dont show menu automatically when share link is clicked
2019-09-04 10:36:04 +02:00
Daniel Kesselberg 773778dd8c
Add default timeout to expected request options
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-03 14:59:09 +02:00
Greta Doci 1993984769 Adjust acceptance tests to changes in link share menu behaviour
Now the link share menu is not automatically opened after a link share
is created, so waiting until it was opened failed in iShareTheLinkFor.

Note that the steps that interact with the link share menu take care
themselves of showing the menu if needed, so there is no need to
explicitly show it despite the change. Also, the waiting in
iShareTheLinkFor was introduced when the link share menu was changed
to automatically open after creating a link share, as that caused some
issues with the steps that opened the menu by themselves (fec8d12fc5).
Due to all this, now that the link share menu is again not automatically
opened the wait can be simply removed.

Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-08-29 10:19:03 +02:00
Roeland Jago Douma 3f12ec95f0
SessionMiddleware: declare session property
* Remove request since we don't useit
* Update tests as well

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 13:02:29 +02:00
John Molakvoæ caf32d25f8
Merge pull request #16879 from only-run-integration-tests-on-php-changes
Only run integration tests when PHP was modified
2019-08-27 18:12:40 +02:00
Roeland Jago Douma 495f94e558
Merge pull request #16875 from nextcloud/bugfix/16874/welcome-mail-client-url
Use custom client URL in welcome emails
2019-08-27 13:48:11 +02:00
Joas Schilling 23a0cbe6ef
Only run integration tests when PHP was modified
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-27 11:31:15 +02:00
Julius Härtl 52dc36fb88
Mock client URL in new user mail tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-27 10:22:54 +02:00
Roeland Jago Douma 505f10044a
Merge pull request #16865 from nextcloud/bugfix/noid/5-min-cron
Cron should run every 5 mins
2019-08-26 19:29:57 +02:00
Arthur Schiwon 4bd83c9a28
adjust tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-26 13:47:35 +02:00
Joas Schilling db968cb1d4
Cleanup the Settings class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-26 11:50:26 +02:00
John Molakvoæ 40edabaf61
Merge pull request #16795 from nextcloud/enh/phpstan/limiter
Fix report of phpstan in Limiter
2019-08-26 11:42:03 +02:00
blizzz 6d20876eb2
Merge pull request #16782 from nextcloud/fix/16729/stop-if-encrypted-token-null
Stop if there is no encrypted token
2019-08-21 12:31:12 +02:00
Roeland Jago Douma 7927aebdeb
Fix report of phpstan in Limiter
* unneeded arguments to constructor
* added return types
* let automatic DI do its work

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:38:43 +02:00
Daniel Kesselberg 9c4c5ee818
Add test case for existing user with token null
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-08-18 23:27:03 +02:00
Daniel Kesselberg 7f7c6e49b6
Return the disabled user mock instead of the existing
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-08-18 23:18:39 +02:00
Daniel Calviño Sánchez e5a305b9d8 Allow Context subclasses in acceptance tests to access parent actor
Although uncommon, in some cases a Context may need to be extended (for
example, to override a step defined in the server with a specific
behaviour in the acceptance tests of an app); in those cases the
subclass should be able to access the actor attribute defined in the
Context it is extending.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-08-16 08:20:41 +02:00
Roeland Jago Douma fced73aa37
Merge pull request #16711 from nextcloud/fix/csp/form_actions/loginflow
Fix login flow form actions
2019-08-12 08:24:53 +02:00
Roeland Jago Douma f465f9d4b9
Merge pull request #16721 from nextcloud/fix/16644
Correctly handle emtpy string in proxyuserpwd config
2019-08-11 22:46:01 +02:00
Scott Shambarger edf946dfc7
Correctly handle emtpy string in proxyuserpwd config
As documented, the default value for config value proxyuserpwd is ''.
However, that value results in the error:
 "cURL error 5: Unsupported proxy syntax in '@'".
This patch handles the values of '' and null (the default in the code)
the same for config values proxyuserpwd and proxy.

Signed-off-by: Scott Shambarger <devel@shambarger.net>
2019-08-11 21:07:30 +02:00
Roeland Jago Douma 6dc179ee12
Fix login flow form actions
So fun fact. Chrome considers a redirect after submitting a form part of
the form actions. Since we redirect to a new protocol (nc://login/).
Causing the form submission to work but the redirect failing hard.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-11 19:53:49 +02:00
Roeland Jago Douma f81817b47d
Add tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 19:40:13 +02:00
Roeland Jago Douma b8c5008acf
Add feature policy header
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 14:26:22 +02:00
Roeland Jago Douma 2e2d1b6b5c
Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshare
Fix permission check on incoming federated shares
2019-08-01 10:55:35 +02:00
Roeland Jago Douma cf647451e5
Update CSP test cases to handle the new form-action
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-31 15:16:10 +02:00
Julius Härtl 22b81ac1e4
Fix permission check on incoming federated shares
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
Roeland Jago Douma 436f7b92d5
Merge pull request #16544 from nextcloud/bugfix/16540
Add missing password reset page to vue
2019-07-31 11:02:20 +02:00
Julius Härtl 3b0d13944a
Move actual password reset to vue
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 09:19:07 +02:00
Joas Schilling d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
Roeland Jago Douma 135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
Morris Jobke e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
Roeland Jago Douma 0ea7fbae54
Update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
Morris Jobke 98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
Roeland Jago Douma 51197ac622
Merge pull request #16582 from nextcloud/enh/split_up_security_middleware
Split up security middleware
2019-07-29 12:13:55 +02:00
Roeland Jago Douma b6dd2ebd39
Use proper exception in lostController
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.

This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 20:12:16 +02:00
Roeland Jago Douma 37a4282c7a
Split up security middleware
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.

I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
Morris Jobke 2e803dc3d3
Merge pull request #16555 from nextcloud/fix/16529/mask-keys
use a pattern to identify sensitive config keys
2019-07-26 15:15:56 +02:00
Morris Jobke 71e5300f84
Merge pull request #16551 from nextcloud/fix/12735/displayname-email
supresses disclosing the userid for LDAP users in the welcome mail
2019-07-26 15:14:59 +02:00
Arthur Schiwon 78201bcb72
treat sensitive config keys by pattern
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:31:14 +02:00
Roeland Jago Douma 0487144b26
Remove deprecated searchByTag
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 12:29:19 +02:00
Arthur Schiwon 898430b6b1
supresses disclosing the userid for LDAP users in the welcome mail
The userid is not relevant here, and by default cannot be used to login
with. Typically, there is a common type of login names in organizations
(LDAP username or email most often) that does not need to be disclosed.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 10:48:34 +02:00
Julius Härtl 3674f6fa2d
Check the if we can actually access the storage cache for recent files
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
Morris Jobke d5b524ae07
Merge pull request #16492 from nextcloud/enh/exclude-rnd-files
Exclude .rnd files from integrity check
2019-07-23 14:57:55 +02:00
Daniel Kesselberg 8bed3021bd
Exclude .rnd files from integrity check
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 20:29:11 +02:00
Sam Bull ea935f65fd
Add support for CSP_NONCE server variable
Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server.

Signed-off-by: Sam Bull <git@sambull.org>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-18 12:16:29 +02:00
Morris Jobke 5b604eaeab
Merge pull request #15040 from nextcloud/feature/13980/push-for-deleted-notifications
Notifications overhaul
2019-07-17 20:22:03 +02:00
Morris Jobke 782554d2ac
Merge pull request #16075 from nextcloud/bugfix/15823/app-restricted-groups
Remove deleted groups from app restrictions fixes #15823
2019-07-17 17:36:00 +02:00
Morris Jobke 99f2c82222
Properly inject the logger
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-16 22:38:14 +02:00
Joas Schilling 565838da9c
Update unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 13:32:44 +02:00
Joas Schilling 55f5bc79a1
Keep the old method as a fallback and adjust the tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 11:36:32 +02:00
Roeland Jago Douma f8aeef7ae9
Lock SCSS so we only run 1 job at a time
This is bit hacky but a start to lock the SCSS compiler properly
Retry during 10s then give up
Properly get error message
Do not clear locks and properly debug scss caching

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-12 16:18:02 +02:00
Roeland Jago Douma c193c0d466
Merge pull request #16331 from nextcloud/feature/noid/talk-guest-mentions
Allow guest mentions of talk to be parsed
2019-07-12 10:35:54 +02:00
Joas Schilling 092d34d9df
Add a unit test for guests as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-11 10:24:27 +02:00
Morris Jobke 5c21b29d7f
Merge pull request #16308 from nextcloud/fix/undefined-offset-0
Prevent undefined offset 0 in findByUserIdOrMail
2019-07-10 12:16:36 +02:00
Daniel Kesselberg d57540ac84
Return first value from $users
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-09 19:29:14 +02:00
Roeland Jago Douma 6a088d6800
Merge pull request #16310 from nextcloud/enh/drop-execution-context
Don't send executionContexts for Clear-Site-Data
2019-07-09 19:20:50 +02:00
Daniel Kesselberg 6235a66aac
Don't send executionContexts for Clear-Site-Data
There are plans to remove executionContexts from the spec: https://github.com/w3c/webappsec-clear-site-data/issues/59

Firefox already removed it https://bugzilla.mozilla.org/show_bug.cgi?id=1548034

Chromium implementation is not finish: https://bugs.chromium.org/p/chromium/issues/detail?id=898503&q=clear-site-data&sort=-modified&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-09 15:08:25 +02:00
Christoph Wurst d058ef2b6c
Make it possible to wipe all tokens/devices of a user
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:57:04 +02:00
Christoph Wurst 1c261675ad
Refactor: move remote wipe token logic to RW service
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:39:27 +02:00
Roeland Jago Douma 5cef8957b5
Merge pull request #15730 from nextcloud/enh/14179/event_for_csp
Add an event to edit the CSP
2019-07-09 10:59:15 +02:00
Roeland Jago Douma 5ac857bcdc
Add an event to edit the CSP
This introduces and event that can be listend to when we actually use
the CSP. This means that apps no longer have to always inject their CSP
but only do so when it is required. Yay for being lazy.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-08 20:35:15 +02:00
Morris Jobke 53d2d95478
Remove one time repair steps that have already run when updating to 17
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-08 14:47:26 +02:00
John Molakvoæ 5a03189ce7
Mimetype list integrity check should not fail if it's changed (#15810)
Mimetype list integrity check should not fail if it's changed
2019-07-07 20:01:58 +02:00
Xheni Myrtaj 9211e34aec
Added Tests for modified mimetypelist
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-07-04 09:35:36 +01:00
Julius Härtl 857fae288c
Always set the display name for user shares
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-03 21:34:18 +02:00
Joas Schilling 85a80b05ac
Unify the permission checking in one place only
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 16:34:00 +02:00
Joas Schilling e4addbae3e
Better check reshare permissions when creating a share
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 14:00:13 +02:00
Christoph Wurst c50fe2a9c9
Send emails when remote wipe starts/finishes
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-02 21:59:23 +02:00
Georg Ehrke 9f7fca49bb
Merge pull request #15775 from nextcloud/refactor/decouple-remote-wipe-notifications
Decouple remote wipe notifcation channels with events
2019-07-02 08:58:21 +00:00
Julius Härtl 5db328cc15
Remove fs package
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-01 11:24:58 +02:00
Roeland Jago Douma 2c449469d3
Merge pull request #16070 from nextcloud/fix/setup-check-no-internet-no-error
Do not show a internet connectivity warning if internet access is dis…
2019-06-28 10:54:29 +02:00
Greta Doci 5898e87e0f Remove deleted groups from app restrictions fixes #15823
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-06-27 20:17:50 +02:00
Christoph Wurst aa6622ccef Decouple remote wipe notifcation channels with events
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-27 17:16:18 +02:00
Roeland Jago Douma dd79eda8a0
Use correct test avatar
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-06-27 13:27:03 +02:00
Christoph Wurst 20afe94297 Do not show a internet connectivity warning if internet access is disabled
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-27 10:51:59 +02:00
Jan-Christoph Borchardt b466127b1f
Merge pull request #16055 from nextcloud/design/native-fonts
Use native font stack
2019-06-26 00:08:16 +02:00
Roeland Jago Douma d4a44d9b78
Merge pull request #15870 from nextcloud/preview-provider-v2
Add new Provider interface for preview providers
2019-06-25 15:05:54 +02:00
Roeland Jago Douma 335af0c46c
Merge pull request #15971 from nextcloud/dependabot/npm_and_yarn/tests/ui-regression/pixelmatch-tw-5.0.2
Update pixelmatch requirement from ^4.0.2 to ^5.0.2 in /tests/ui-regression
2019-06-25 14:25:29 +02:00
Roeland Jago Douma 5fbf304c2a
Merge pull request #15777 from nextcloud/feature/ocp-event-dispatcher
Add event dispatcher to OCP
2019-06-25 11:48:16 +02:00
Christoph Wurst 3174012adf Add event dispatcher to OCP
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-25 10:02:27 +02:00
Jan-Christoph Borchardt d14c0f2ed7
Move font from Nunito to Noto Sans
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2019-06-22 11:23:44 +02:00
Robin Appelman 1ad95caf24
Merge pull request #15889 from nextcloud/touch-handle-backend-exceptions
handle storage exceptions when trying to set mtime
2019-06-21 17:14:27 +02:00
Robin Appelman 000898d932
fix tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-21 16:23:47 +02:00
Julius Härtl d5805df6c2
Fix subscription tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-06-17 16:36:24 +02:00
Robin Appelman 6150614374
Add new Provider interface for preview providers
the main difference is passing the `File` object to the provider
instead of a `View` + path

Old providers will still continue to work as before

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-17 14:09:09 +02:00
dependabot-preview[bot] f5709c130b
Update pixelmatch requirement in /tests/ui-regression
Updates the requirements on [pixelmatch](https://github.com/mapbox/pixelmatch) to permit the latest version.
- [Release notes](https://github.com/mapbox/pixelmatch/releases)
- [Commits](https://github.com/mapbox/pixelmatch/compare/v4.0.2...v5.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-06-16 01:13:18 +00:00
John Molakvoæ bf18f1ee93
Add strict type on Notifications tests (#15935)
Add strict type on Notifications tests
2019-06-14 14:12:50 +02:00
John Molakvoæ (skjnldsv) e9351ef779
Add strict type on Notifications tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-06-13 14:58:38 +02:00
John Molakvoæ b3bfae8cfe
Adjust acceptance tests to notifications based on toastify (#15938)
Adjust acceptance tests to notifications based on toastify
2019-06-13 14:04:50 +02:00
Daniel Calviño Sánchez e65fd11419 Add messages to assertFalse/True to clarify the failed assertion
Otherwise the output would just read "Failed asserting that true is
false." or "Failed asserting that false is true.", which is not very
informative when there are several assertFalse/True in a row.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-06-12 15:32:40 +02:00
Daniel Calviño Sánchez df8406dbae Adjust acceptance tests to notifications based on toastify
The old notifications were added as ".row" elements to the
"#notification-container" element; the new notifications based on
toastify are added as ".toastify .on .toast..." elements to the
"#content" element. Besides that, they also include a span element with
an X to close the notification, so now only the first child text node
should be compared to the expected message.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-06-12 14:32:15 +02:00
Roeland Jago Douma 357263a70b
Do not try to autoload built in types
This avoids calls to the autoloader (or chain of autoloaders) to see if
for example 'principalPrefix' class can be found. While we already know
it is a string.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-06-04 15:13:32 +02:00
Xheni Myrtaj 7cb6265378
Fix checker test
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-05-30 14:50:07 +02:00
John Molakvoæ 21f9487939
Fix personal security section tests (#15789)
Fix personal security section tests
2019-05-29 14:52:02 +02:00
Christoph Wurst f88907a2d9
Fix personal security section tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-29 13:10:07 +02:00
Christoph Wurst 64c4bb5bce
Vueify the login page
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-29 11:05:16 +02:00
Julius Härtl 67dd4b018a
Check for free space on touch
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-05-28 13:06:59 +02:00
Roeland Jago Douma b0c2042a28
Merge pull request #15714 from nextcloud/fix/204_304_rfc
Check the actual status code for 204 and 304
2019-05-24 19:51:01 +02:00
Roeland Jago Douma b0c030cbb5
Check the actual status code for 204 and 304
The header is the full http header like: HTTP/1.1 304 Not Modified
So comparing this to an int always yields false
This also makes the 304 RFC compliant as the resulting content length
should otherwise be the length of the message and not 0.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-24 15:18:32 +02:00
Christoph Wurst 22ae682823
Make it possible to show admin settings for sub admins
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-23 20:31:40 +02:00
Morris Jobke 9a733b7f50
Merge pull request #12114 from RubenHoms/master
Stop decryption when maintenance mode is enabled
2019-05-22 22:32:13 +02:00
Morris Jobke 8c3c04596e
Fix l10n for SettingsManager by injecting the l10n factory
Fixes #10832

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-21 22:25:13 +02:00
Ruben Homs 98047e8c1c
Stop decryption when maintenance mode is enabled, fixes #8311
Signed-off-by: Ruben Homs <ruben@homs.codes>
2019-05-21 09:24:50 +02:00
Roeland Jago Douma f03eb7ec3c
Remote wipe support
This allows a user to mark a token for remote wipe.
Clients that support this can then wipe the device properly.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-20 20:50:27 +02:00
Roeland Jago Douma 528eb1b223
Merge pull request #15304 from nextcloud/enh/2fa_setup_at_login
2FA setup during login
2019-05-17 11:04:42 +02:00
Roeland Jago Douma 579162d7b9
Allow 2FA to be setup on first login
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-17 10:11:53 +02:00
Roeland Jago Douma 2dcb4cfbd6
Allow clients to delete their own apptoken
Fixes #15480

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-05-17 09:52:06 +02:00
Morris Jobke 83b00a99fa
Add interfaces to interact with subscription from support app
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-13 11:04:47 +02:00
Christoph Wurst d3a244f9d9
Allow crash reporters to catpture any message
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-09 14:06:44 +02:00
Morris Jobke f095bd1642
Use non-absolute logout URL to fix wrong URL in reverse proxy scenario
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-08 18:02:00 +02:00
Christoph Wurst 170582d4f5
Add a login chain to reduce the complexity of LoginController::tryLogin
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-07 18:04:36 +02:00
Morris Jobke 582b679ca9
Deprecate legacy share code and cleanup some unused methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-18 17:44:14 +02:00
Morris Jobke 049d613dba
Merge pull request #15152 from nextcloud/enhancement/noid/contactsmenu-sharing-enum-settings
Respect sharing enumeration config in contacts menu
2019-04-18 15:00:02 +02:00
Julius Härtl db17c14f80
Respect sharing enumeration config in contacts menu
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-04-18 11:39:49 +02:00
Daniel Kesselberg 6c156d81ed
Fix testGetProxyUri
Changed the implementation for getProxyUri with
fd1d85365c

If proxy is already null then we don't ask for proxyuserpwd. Test
failed because we expected getSystemValue to be called once with
proxyuserpwd

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-04-16 21:33:56 +02:00
Daniel Kesselberg 2708d26407
Set User-Agent as header without middleware
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-04-16 21:13:29 +02:00
Roeland Jago Douma 7276735eb4
Set empty CSP by default
For #14179

By default responses should have the strictest (and simplest) CSP
possible. Only template responses should require an actual CSP.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-16 14:09:39 +02:00
Joas Schilling 8852b85d13
Disable acceptance test which should fail anyway
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-04-11 14:03:41 +02:00
Morris Jobke c1e6a5965e
Return true in the dummy backend for successful display name change
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-11 11:43:33 +02:00
Leon Klingele f420647add
lib/private/User: do not change user properties if value has not changed
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-11 10:11:05 +02:00
Julius Härtl 0968343061
Add acceptance test for public folder navigation
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-04-10 11:28:45 +02:00
Daniel Calviño Sánchez ace4449924 Adjust acceptance tests to changes of file names in file picker
File names are no longer shown directly in the ".filename" element, but
split in two "span" elements inside a ".filename-parts" element, so now
the texts in those span elements need to be concatenated to get the file
name.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-04-03 16:29:52 +02:00
Roeland Jago Douma 49acc28d90
Revert "Temp disable bundle tests" 2019-04-01 22:43:59 +02:00
Morris Jobke c57a16bb0a
Merge pull request #14825 from marius-wieschollek/bugfix/11236
Set parameter type in QBMapper
2019-03-25 10:21:45 +01:00
Roeland Jago Douma a7fb71f908
Fetch proper translations
Fixes #14793

This is caused by the mess we have with OC\Settings mapping to settings
and lib/private/Settings.

Anyway this is the quick fix. Moving stuff around for 17 seems better.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-25 09:10:54 +01:00
Marius David Wieschollek 5aeb8eac2b
[#11236] Set parameter type in QBMapper
Signed-off-by: Marius David Wieschollek <git.public@mdns.eu>
2019-03-24 22:43:45 +01:00
Roeland Jago Douma 3ecdf743bb
Properly inject EventDispatched in BackgroundRepair
Else it will just be null when called

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-22 10:29:36 +01:00
Joas Schilling 494d737f7e
Remove unused member "util"
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-21 12:42:35 +01:00
Roeland Jago Douma 093c75802c
Temp disable bundle tests
The bundle acceptance tests fails after #14578 sometimes. This is
because of a race condition. not all apps have compatible 16 versions
yet. So trying to enable them results in those apps doing 💥.

Because of #14578 we do show them now. So we try to enable them. However
depending on which requests finishes first the disable button for the
audit app either shows up or now.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-20 20:44:11 +01:00
Roeland Jago Douma 03dc79f665
Merge pull request #14578 from nextcloud/enh/force_enable_apps
Force enable apps
2019-03-20 19:22:38 +01:00
Roeland Jago Douma 575b3f9ff8
Revert "Where is your data?" 2019-03-20 15:17:31 +01:00
Roeland Jago Douma 769cb629ae
allow enforcing apps to ignore the max version
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-20 15:16:11 +01:00
Joas Schilling b357913587
Improve startup speed of acceptance tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-18 15:21:42 +01:00
Morris Jobke 970d52fc29
Adjust acceptance tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-18 14:16:40 +01:00
Morris Jobke bfe2c19512
Merge pull request #14681 from nextcloud/forwardport/noid/fragile-tests
Disable fragile tests - part 2
2019-03-14 23:30:05 +01:00
Morris Jobke 1d938947e1
Disable failing files app test - act 4
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-14 16:30:38 +01:00
Morris Jobke 951dcc110d
Disable failing files app test - act 3
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-14 16:24:06 +01:00
Morris Jobke 70f90b8c6b
Disable failing app management test
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-14 16:18:46 +01:00
Morris Jobke caea04d28e
Disable failing comments app test - act 2
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-14 13:46:10 +01:00
Morris Jobke 43e9006481
Disable failing files app test - act 2
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-14 13:46:06 +01:00
Morris Jobke 5b4155bd12
Make appstore app:enable test more robust by using only shipped apps
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-14 13:39:20 +01:00
Morris Jobke 38dd3da92b
Disable fragile user acceptance tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-13 18:01:24 +01:00
Morris Jobke a5e42f95c6
Disable failing login test
* tests/acceptance/features/login.feature:15
<details><summary>Show full log</summary>

```
  Scenario: log in with valid user and invalid password once fixed by admin # /drone/src/github.com/nextcloud/server/tests/acceptance/features/login.feature:15
    Given I act as John                                                     # ActorContext::iActAs()
    And I can not log in with user user0 and password 654231                # LoginPageContext::iCanNotLogInWithUserAndPassword()
    When I act as Jane                                                      # ActorContext::iActAs()
    And I am logged in as the admin                                         # LoginPageContext::iAmLoggedInAsTheAdmin()
    And I open the User settings                                            # SettingsMenuContext::iOpenTheUserSettings()
    And I set the password for user0 to 654321                              # UsersSettingsContext::iSetTheFieldForUserTo()
    And I act as John                                                       # ActorContext::iActAs()
    And I log in with user user0 and password 654321                        # LoginPageContext::iLogInWithUserAndPassword()
    Then I see that the current page is the Files app                       # FilesAppContext::iSeeThatTheCurrentPageIsTheFilesApp()
      Failed asserting that 'http://acceptance-login/index.php/login?user=user0' starts with "http://acceptance-login/index.php/apps/files/".

```
</details>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-13 18:01:24 +01:00
Morris Jobke 18009c82e4
Disable failing comments test
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-13 18:01:24 +01:00
Morris Jobke 247ade00e7
Disable failing files app test
Fails with:

 * tests/acceptance/features/app-files.feature:90
<details><summary>Show full log</summary>

```
  Scenario: show favorites                                            # /drone/src/github.com/nextcloud/server/tests/acceptance/features/app-files.feature:90
    Given I am logged in                                              # LoginPageContext::iAmLoggedIn()
    And I mark "welcome.txt" as favorite                              # FileListContext::iMarkAsFavorite()
    When I open the "Favorites" section                               # AppNavigationContext::iOpenTheSection()
    Then I see that the current section is "Favorites"                # AppNavigationContext::iSeeThatTheCurrentSectionIs()
    Then I see that the file list contains a file named "welcome.txt" # FileListContext::iSeeThatTheFileListContainsAFileNamed()
      Row for file welcome.txt in file list could not be found after 100 seconds (NoSuchElementException)
```
</details>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-13 18:01:24 +01:00
Morris Jobke d98463f1b2
Disable failing apps management test
Fails with:

 * tests/acceptance/features/apps.feature:66
<details><summary>Show full log</summary>

```
  Scenario: Show section from app store                       # /drone/src/github.com/nextcloud/server/tests/acceptance/features/apps.feature:66
    Given I act as Jane                                       # ActorContext::iActAs()
    And I am logged in as the admin                           # LoginPageContext::iAmLoggedInAsTheAdmin()
    And I open the Apps management                            # SettingsMenuContext::iOpenTheAppsManagement()
    And I see that the current section is "Your apps"         # AppNavigationContext::iSeeThatTheCurrentSectionIs()
    When I open the "Files" section                           # AppNavigationContext::iOpenTheSection()
      Files section item in App Navigation could not be found after 100 seconds (NoSuchElementException)
    Then I see that there some apps listed from the app store # AppsManagementContext::iSeeThatThereSomeAppsListedFromTheAppStore()
    And I see that the current section is "Files"             # AppNavigationContext::iSeeThatTheCurrentSectionIs()

```
</details>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-13 18:01:24 +01:00
Morris Jobke 982081f1ab
Disable failing files tag test
Fails with:

 * tests/acceptance/features/app-files-tags.feature:42
<details><summary>Show full log</summary>

```
  Scenario: add tags using the dropdown in the details view                                 # /drone/src/github.com/nextcloud/server/tests/acceptance/features/app-files-tags.feature:42
    Given I am logged in as the admin                                                       # LoginPageContext::iAmLoggedInAsTheAdmin()
    And I visit the settings page                                                           # SettingsMenuContext::iVisitTheSettingsPage()
    And I open the "Tag management" section                                                 # AppNavigationContext::iOpenTheSection()
    And I see that the button to select tags is shown                                       # SettingsContext::iSeeThatTheButtonToSelectTagsIsShown()
    And I create the tag "tag1" in the settings                                             # SettingsContext::iCreateTheTagInTheSettings()
    And I create the tag "tag2" in the settings                                             # SettingsContext::iCreateTheTagInTheSettings()
    And I create the tag "tag3" in the settings                                             # SettingsContext::iCreateTheTagInTheSettings()
    And I create the tag "tag4" in the settings                                             # SettingsContext::iCreateTheTagInTheSettings()
    And I see that the dropdown for tags in the settings eventually contains the tag "tag1" # SettingsContext::iSeeThatTheDropdownForTagsInTheSettingsEventuallyContainsTheTag()
    And I see that the dropdown for tags in the settings eventually contains the tag "tag2" # SettingsContext::iSeeThatTheDropdownForTagsInTheSettingsEventuallyContainsTheTag()
    And I see that the dropdown for tags in the settings eventually contains the tag "tag3" # SettingsContext::iSeeThatTheDropdownForTagsInTheSettingsEventuallyContainsTheTag()
    And I see that the dropdown for tags in the settings eventually contains the tag "tag4" # SettingsContext::iSeeThatTheDropdownForTagsInTheSettingsEventuallyContainsTheTag()
    And I log out                                                                           # SettingsMenuContext::iLogOut()
    And I am logged in                                                                      # LoginPageContext::iAmLoggedIn()
    And I open the details view for "welcome.txt"                                           # FileListContext::iOpenTheDetailsViewFor()
    And I open the input field for tags in the details view                                 # FilesAppContext::iOpenTheInputFieldForTagsInTheDetailsView()
    When I check the tag "tag2" in the dropdown for tags in the details view                # FilesAppContext::iCheckTheTagInTheDropdownForTagsInTheDetailsView()
    And I check the tag "tag4" in the dropdown for tags in the details view                 # FilesAppContext::iCheckTheTagInTheDropdownForTagsInTheDetailsView()
    Then I see that the tag "tag2" in the dropdown for tags in the details view is checked  # FilesAppContext::iSeeThatTheTagInTheDropdownForTagsInTheDetailsViewIsChecked()
    And I see that the tag "tag4" in the dropdown for tags in the details view is checked   # FilesAppContext::iSeeThatTheTagInTheDropdownForTagsInTheDetailsViewIsChecked()
    And I see that the input field for tags in the details view contains the tag "tag2"     # FilesAppContext::iSeeThatTheInputFieldForTagsInTheDetailsViewContainsTheTag()
      Failed asserting that false is true.
    And I see that the input field for tags in the details view contains the tag "tag4"     # FilesAppContext::iSeeThatTheInputFieldForTagsInTheDetailsViewContainsTheTag()

```
</details>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-13 18:01:24 +01:00
Morris Jobke 77cf702220
Fix acceptance tests for wrong password message due to changed message
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-11 11:54:38 +01:00
Morris Jobke d40b21ac81
Merge pull request #14603 from nextcloud/fix/noid/add-setup-check-for-s3-temp-path
Show a setup warning in case S3 object storage is used as primary storage
2019-03-08 18:03:49 +01:00
Roeland Jago Douma 8996b9efbf
Merge pull request #14352 from nextcloud/dependabot/npm_and_yarn/bootstrap-4.3.1
[Security] Bump bootstrap from 3.4.1 to 4.3.1
2019-03-08 15:32:16 +01:00
Morris Jobke 060b637b70
Show a setup warning in case S3 object storage is used as primary storage
* checks for at least 50 GB of free space

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-08 13:38:39 +01:00
Morris Jobke 772303309d
Merge pull request #14425 from cowai/fix-multiple-incomplete-folders
Do not calculate folder size for parent that also needs proper scan, fixes #3524
2019-03-08 09:12:33 +01:00
Marius Blüm 80937159fb
Remove "socialsharing_googleplus" from Social Sharing Bundle
Signed-off-by: Marius Blüm <marius@lineone.io>
2019-03-07 14:56:16 +01:00
Julius Härtl d768634616
Fix domparser on phantomjs
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-03-07 10:45:47 +01:00
Ari Selseng d16cfb519e Avoid calculating folder size for parent that needs scan.
Signed-off-by: Ari Selseng <ari@selseng.net>
2019-03-06 15:23:37 +01:00
Morris Jobke d004164fcc
Merge pull request #13327 from nextcloud/allow-bracket-notation-for-remove-ipv6-address
Allow bracket IPv6 address format inside IPAdress Normalizer
2019-03-06 10:34:02 +01:00
Morris Jobke 40e04c8391
Disable fragile tests for now
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-05 14:23:08 +01:00
Joas Schilling c6a69ba925
Remove the upload and memory setting
* Remove unneeded private method phpFileSize()
* Bump autoloader
* Remove setUploadLimit tests
* Remove integrity check hacks for upload limit

Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-04 12:14:22 +01:00
Morris Jobke 814bf0de20
Merge pull request #14493 from nextcloud/tech-debt/noid/remove-php5-config
Remove unused php5 config from .htaccess
2019-03-04 12:07:40 +01:00
Morris Jobke 92b5743bf4
Remove unused php5 config from .htaccess
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-04 11:24:10 +01:00
Morris Jobke 4b2efd94f9
Make header.feature more robust by running it on apache
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-04 10:22:16 +01:00
Christoph Wurst 102f700d96
Load auth tokens with the initial state API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-03-01 21:24:44 +01:00
Julius Härtl e5162fb9af
Fix tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-03-01 20:57:01 +01:00
Julius Härtl 6ee7286b41
Fix tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-03-01 20:57:01 +01:00
Joas Schilling 01b4db62fb
Add dispatcher events to User and Group objects
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-01 20:56:59 +01:00
Morris Jobke 6c7ccbecbf
Add setup check for missing UTF8MB4 on mysql
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-28 16:46:23 +01:00
Morris Jobke 3f2bb3ca05
Run tests that fail with "no such process" over to apache server
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-28 14:03:57 +01:00
Roeland Jago Douma a43ffc7dec
Merge pull request #13489 from nextcloud/enh/settings/2fa-security-store
Do not load 2fa admin settings async
2019-02-28 13:32:26 +01:00
Roeland Jago Douma c621da4fd6
Do not load 2fa admin settings async
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-28 11:55:58 +01:00
Morris Jobke 36bf1ffb25
Fix acceptance tests for tag management
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-28 11:42:21 +01:00
Morris Jobke e5cacc0fe3
Merge pull request #14343 from nextcloud/bugfix/14052-multiple-navigation-items
Parse multiple navigation items
2019-02-27 16:07:57 +01:00
Christoph Wurst e930a0ccbe
Search sharees on lookup server when explicitly requested by user
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-02-26 19:44:49 +01:00
Joas Schilling a3d936fbb7
Merge pull request #14385 from nextcloud/feature/noid/add-event-to-allow-to-filter-results
Add an event to the Autocomplete Controller to allow to filter the re…
2019-02-26 18:11:24 +01:00
Joas Schilling 55f627d20b
Add an event to the Autocomplete Controller to allow to filter the results
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-02-26 15:32:14 +01:00
Roeland Jago Douma 41ef3d860c
Move comments to webpack
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-26 09:10:23 +01:00
Morris Jobke dc2798460b
Merge pull request #14198 from nextcloud/bugfix/8647-exclude-file-name-patterns
Exclude file name patterns; ignore gentoo webapp files
2019-02-26 00:17:25 +01:00
Robin Appelman db750898ee
allow group backends to mark that a group should now be shown in search dialogs
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-02-25 16:06:09 +01:00
Daniel Kesselberg df3d5e8509
two item => two items
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-25 14:52:14 +01:00
Roeland Jago Douma e819e97829
Login flow V2
This adds the new login flow. The desktop client will open up a browser
and poll a returned endpoint at regular intervals to check if the flow
is done.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-25 07:24:50 +01:00
Daniel Kesselberg 36c51bc4f1
Parse multiple navigation items
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-22 15:57:14 +01:00
Joas Schilling 2cc4118629
Merge pull request #14066 from nextcloud/feature/noid/casted-system-values
Get typed system values
2019-02-22 11:54:20 +01:00
Joas Schilling b4902369fb
Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-02-22 09:08:53 +01:00
Daniel Kesselberg bb2d8bafc9
Use contacts instead of logreader
Logreader is not distributed by app store because shipped by default.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:07 +01:00
Daniel Kesselberg 75b7d6ae4e
Add install logic for enable command
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:06 +01:00
Daniel Kesselberg 76b5f44f05
Strict Types, Return Types
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:06 +01:00
Daniel Kesselberg 03d3192638
Disable multiple apps at once
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:05 +01:00
Daniel Kesselberg 08907ee3e9
Enable multiple apps at once
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:00 +01:00
Roeland Jago Douma e7f0e8ba03
Merge pull request #14263 from nextcloud/publish-activity-app-token
Publish activity if app password created by ocs api or client login flow
2019-02-19 15:08:43 +01:00
Morris Jobke e20292f174
Merge pull request #14261 from nextcloud/show-warning-if-x-forwarded-set-with-empty-trusted-proxies
Warning if x-forwarded-host present but trusted_proxies empty
2019-02-19 10:31:57 +01:00
Morris Jobke 30e7d3e0e8
Merge pull request #14194 from nextcloud/bugfix/noid/correctly-determinate-owner-in-case-of-shared-external-storages
Correctly determinate the owner in case of shared external storages
2019-02-19 10:28:28 +01:00
Roeland Jago Douma d43095e17b
Merge pull request #14218 from nextcloud/enh/files_sharing_to_webpack
Move files_sharing additionalscripts over to webpack
2019-02-19 08:20:16 +01:00
Daniel Kesselberg c583c5e7e2
Emit event if app password created
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-18 17:47:43 +01:00
Joas Schilling f66c37bdb8
Correctly determinate the owner in case of shared external storages
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-02-18 10:57:12 +01:00
Daniel Kesselberg 600bc22297
Warning if x-forwarded-host present but trusted_proxies empty
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-17 23:53:06 +01:00
Daniel Kesselberg 149a98edf6
Publish activity for app token created by client login flow
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-17 23:49:54 +01:00
Daniel Kesselberg 2ade2bef8c
Publish activity for app token created by ocs api
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-17 23:37:22 +01:00
Roeland Jago Douma 104616c1da
Use CountWrapper instead of almost identical CountReadStream
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-15 13:24:58 +01:00
Roeland Jago Douma 0a4569dff7
Move files_sharing additionalscripts over to webpack
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-15 12:33:04 +01:00
Roeland Jago Douma ea3fa78a85
Merge pull request #14167 from nextcloud/techdebt/noid/update-php-parser-for-7.1-compat
Update PHP-Parser for 7.1 compatibility
2019-02-14 21:23:42 +01:00
Roeland Jago Douma fc39b28549
Merge pull request #14186 from nextcloud/enh/systemtags_to_webpack
Move systemtags (app) to webpack
2019-02-14 21:17:50 +01:00
Roeland Jago Douma 843066b708
Fix AsyncBusTests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-14 20:04:17 +01:00
Roeland Jago Douma b6d327ee47
Merge pull request #13995 from nextcloud/feature/dont-call-get-repair-steps
Do not run getRepairSteps in register_commands
2019-02-14 19:51:39 +01:00
Morris Jobke cca08df976
Merge pull request #14160 from nextcloud/update-crl
Update CRL to contain revoked files_external_dropbox, passman & payback
2019-02-14 14:53:05 +01:00
Roeland Jago Douma fb1eb96730
Update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-14 12:17:57 +01:00
Daniel Kesselberg b14700c936
Use more precise regex
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-14 12:11:30 +01:00
Morris Jobke c804baaec5
Update CRL to contain revoked files_external_dropbox, passman & payback
* see https://github.com/nextcloud/app-certificate-requests/pull/221
* see https://github.com/nextcloud/app-certificate-requests/pull/219#issuecomment-463577509

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-14 11:49:35 +01:00
Daniel Kesselberg 7404c10666
Apply code style fixes from owncloud, revert regex
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-14 11:48:15 +01:00
Romain Rivière a5bc27c2a6
Fix test case
Signed-off-by: Romain Rivière <lecoyote@lecoyote.org>
2019-02-14 11:48:15 +01:00
Romain Rivière abb56c72e1
Exclude file name patterns; ignore gentoo webapp files
Signed-off-by: Romain Rivière <lecoyote@lecoyote.org>
2019-02-14 11:48:09 +01:00
Daniel Kesselberg e090973e64
Fix unit test
Null is not longer possible as value for $dispatcher.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-13 23:06:51 +01:00
Roeland Jago Douma d7495f89ab
Merge pull request #14170 from nextcloud/feature/update-app-password-activity
Show more information on app password update
2019-02-13 22:45:12 +01:00
Roeland Jago Douma 7f88654147
Move of files_versions to webpack
* Move CSS into bundle
* Old merged.json no longer needed!
* No need to load the style still

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-13 22:20:07 +01:00
Daniel Kesselberg 825200be07
Add test cases for rename / grant / revoke
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-13 20:57:54 +01:00
Roeland Jago Douma f1ea56b502
Fix the thorrtler whitelist bitmask
Before we actually didn't check each bit of the bitmask. Now we do.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-11 23:22:20 +01:00
Morris Jobke 34dc165132
Merge pull request #13097 from nextcloud/feature/11319/where-is-your-data
Where is your data?
2019-02-11 11:13:55 +01:00
Roeland Jago Douma b40603d250
Merge pull request #13702 from nextcloud/feature/6717/rename-app-passwords
Make it possible to rename app passwords
2019-02-08 08:34:54 +01:00
Morris Jobke baa6a2d52c
Merge pull request #13748 from nextcloud/cache-insert-event
add event for inserting cache entries
2019-02-07 16:35:02 +01:00
Morris Jobke 0e9903c420
Merge pull request #13969 from nextcloud/enh/additional_scripts_no_on_public_pages
No need to emit additonalscript event on public pages
2019-02-07 15:57:14 +01:00
Robin Appelman 0ccd970f9d
adjust tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-02-07 15:51:34 +01:00
Morris Jobke 94b1b1593b
Remove public interface that was only needed for testing
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-07 14:23:16 +01:00
Michael Weimann 2a8118e459
Switch guest avatars to PNG
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-02-07 14:23:16 +01:00
Michael Weimann bf1253cb49
Implement guest avatar endpoint
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-02-07 14:23:16 +01:00
Roeland Jago Douma b68567e9ba
Add StandaloneTemplateResponse
This can be used by pages that do not have the full Nextcloud UI.
So notifications etc do not load there.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-06 11:26:18 +01:00
Roeland Jago Douma d88604015a
No need to emit additonalscript event on public pages
There already is a separate event for this. This will make it possible
to only inject code with the logged in one on default rendered pages.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-05 20:59:36 +01:00
Daniel Kesselberg 850e67dea9
Don't update token if current session token
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-02 20:21:58 +01:00
Daniel Kesselberg db49e0fdae
Add canRename & name to tests
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-02 20:21:50 +01:00
Morris Jobke e5d8645f00
Merge pull request #13846 from nextcloud/feature/check-if-app-exist-for-group
Check app path for enableAppForGroups
2019-02-01 15:23:01 +01:00
Roeland Jago Douma ba03c1a84c
Merge pull request #13548 from nextcloud/feature/10964/app_tokens_activity
Publish event for app token create/update/delete
2019-02-01 14:56:45 +01:00
Roeland Jago Douma d182037bce
Emit to load additionalscripts
Fixes #13662

This will fire of an event after a Template Response has been returned.
There is an event for the generic loading and one when logged in. So
apps can chose to load only on loged in pages.

This is a more generic approach than the files app event. As some things
we might want to load on other pages as well besides the files app.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-31 12:11:40 +01:00
Daniel Kesselberg a687a657e8
Add test for destroy with invalid user
Some code cleanup
- willReturn instead of will(returnValue)
- Annotation for mocked objects

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-30 19:10:59 +01:00
Daniel Kesselberg f24fa2051d
Publish event for app token create/update/delete
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-30 19:10:53 +01:00
Christoph Wurst 0e6cb988a1
Add a key parameter to the new initial state API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-01-30 16:08:08 +01:00
Roeland Jago Douma 139055c1dd
Merge pull request #13880 from nextcloud/enh/expose_subadmin_to_ocp
Expose subadmin to OCP
2019-01-29 22:13:41 +01:00
Roeland Jago Douma 15abcff2a1
Expose subadmin to OCP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-29 20:47:35 +01:00
Roeland Jago Douma deb7d2364f
Merge pull request #13869 from nextcloud/enh/clean_pending_2fa_session_on_password_change
Clean pending 2FA authentication on password reset
2019-01-29 19:50:15 +01:00
Roeland Jago Douma ac8a6e2244
Clean pending 2FA authentication on password reset
When a password is reste we should make sure that all users are properly
logged in. Pending states should be cleared. For example a session where
the 2FA code is not entered yet should be cleared.

The token is now removed so the session will be killed the next time
this is checked (within 5 minutes).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-29 13:08:56 +01:00
Roeland Jago Douma 0fd208a83b
Merge pull request #13866 from nextcloud/s3-multipart-uploader
always use multipart uploader for s3 uploads
2019-01-29 11:14:05 +01:00
Robin Appelman 1d322d3b37
always use multipart uploader for s3 uploads
the multipart uploader handles non seekable streams while `upload` does not

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-01-28 14:51:19 +01:00
Daniel Kesselberg c09ddf6c78
Check app path for enableAppForGroups
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-26 22:31:45 +01:00
Joas Schilling abd305eff5
Remove legacy activity stuff
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-01-24 16:52:38 +01:00
Morris Jobke ae25fd2389
Merge pull request #13217 from nextcloud/add-acceptance-tests-for-moving-and-copying-files
Add acceptance tests for moving and copying files
2019-01-23 18:48:21 +01:00
Roeland Jago Douma e3de4edc51
Urlencode the requesttoken
Followup of #13757

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 16:16:31 +01:00
Roeland Jago Douma ebd9f30d85
Request plain logout url
By requesting the plain logout url we allow it to be properly cached by
the caching router. We just add the requesttoken manually.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 14:06:03 +01:00
Roeland Jago Douma f2b118a256
Merge pull request #13747 from nextcloud/fix/honor_session_lifetime_if_remember_cookie_is_disabled
Honor remember_login_cookie_lifetime
2019-01-23 10:12:01 +01:00
Roeland Jago Douma e6333c8fe3
Honor remember_login_cookie_lifetime
If the remember_login_cookie_lifetime is set to 0 this means we do not
want to use remember me at all. In that case we should also not creatae
a remember me cookie and should create a proper temp token.

Further this specifies that is not 0 the remember me time should always
be larger than the session timeout. Because else the behavior is not
really defined.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 08:46:24 +01:00
Morris Jobke 90e985fe4f
Merge pull request #13739 from nextcloud/cache-cleanup-change
cleanup shared lock if changing to exclusive lock failed
2019-01-22 16:11:46 +01:00
Robin Appelman f69c2d1e84
cleanup shared lock if changing to exclusive lock failed
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-01-22 15:32:48 +01:00
Joas Schilling f8b74cf0a5
Allow resources via OCS as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-01-22 14:18:58 +01:00
Daniel Calviño Sánchez 374b02c7bc Add acceptance tests for copying files to the same folder
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-01-22 12:51:53 +01:00
Daniel Calviño Sánchez 42457c8b23 Add acceptance tests for moving and copying selections to another folder
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-01-22 12:36:13 +01:00
Daniel Calviño Sánchez 4fcabf167e Add acceptance tests for moving and copying files to another folder
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-01-22 12:27:06 +01:00
Roeland Jago Douma 66367797df
Fix template paramter
Else we get shown an error page instead of the correct 403.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-18 15:30:38 +01:00
Roeland Jago Douma f42115d6bb
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-15 15:53:44 +01:00
Morris Jobke 5a27e54f4b
Merge pull request #13032 from nextcloud/objectstore-write-exists
upload new files in objectstore to a .part path first
2019-01-14 11:26:29 +01:00
Michael Weimann 2cd3fd3dc2
Move server info to theming section
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-01-14 00:08:26 +01:00
Michael Weimann 813ff430f1
Implement storing and loading the server info
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-01-14 00:08:24 +01:00
Robin Appelman 615fb8cd77
Cache tokens when using swift's v2 authentication
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-01-13 19:59:48 +01:00
Christoph Wurst 01a6181d9f
Don't load old vendor files during jsunit tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-01-09 15:02:00 +01:00
Roeland Jago Douma ad676c0102
Set default frame-ancestors to 'self'
For #13042

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-08 15:36:40 +01:00
Roeland Jago Douma 64244e1a4f
CSP: Allow fonts to be provided in data
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-07 15:07:06 +01:00
Roeland Jago Douma 8b0f5e02c7
Merge pull request #12621 from nextcloud/td/12224/cleanup_middleware_registering
Cleanup middleware registering
2019-01-07 10:48:41 +01:00
Roeland Jago Douma fe3d8ffc90
Merge pull request #13172 from nextcloud/fix-can-change-password-check
fix can change password check in case of encryption is enabled
2019-01-04 09:53:10 +01:00
Roeland Jago Douma 2d22633568
Merge pull request #13313 from nextcloud/feature/remove-outdated-caches
Remove check for outdated caches
2019-01-04 09:18:31 +01:00
blizzz 68952306aa
Merge pull request #10555 from nextcloud/bugfix/10518/only-check-added-items
Only enforce schema limits for supported apps
2019-01-03 14:18:13 +01:00
Roeland Jago Douma 54ff913de6
Cleanup middleware registering
Fixes #12224

Since we only use the middleware at 1 location it makes no sense to
register them in each and every container.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-03 11:50:01 +01:00
Thomas Citharel c9b588774b
Allow bracket IPv6 address format inside IPAdress Normalizer
When run with php's build-in server (for instance on localhost:8080), IP provided through $this->server['REMOTE_ADDR'] is [::1], which is not an acceptable format for \inet_pton. This removes the brackets if there's any.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2019-01-03 10:03:46 +01:00
Daniel Kesselberg 248e824f48
Remove check for outdated caches
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-02 10:46:14 +01:00
Daniel Calviño Sánchez 4566670fa3 Add acceptance tests for opening search results for comments
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-12-21 20:14:38 +01:00
Daniel Calviño Sánchez 1a887aaad0 Add acceptance tests for searching comments
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-12-21 20:14:16 +01:00
Roeland Jago Douma 03fe2b3b81
Use a case insensitive search for email
Fixes #7084
Now entering wrongly cased email (roeland@ instead of Roeland@) for
password reset etc. Will also work.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-20 14:19:35 +01:00
Bjoern Schiessle 4b3308bf3f
fix can change password check in case of encryption is enabled
Admin should _not_ be able to change password when:
- if an encryption module is loaded and it uses per-user keys
- if encryption is enabled but no encryption modules are loaded

Admin should be able to change the password when:
- no encryption module is loaded and encryption is disabled
- encryption module is loaded but it doesn't require per user keys

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-12-20 12:28:40 +01:00
Roeland Jago Douma a0ce0824bd
Merge pull request #13116 from nextcloud/fix/only_trust_xforwardedhost_for_trusted_proxies
Only trust the X-FORWARDED-HOST header for trusted proxies
2018-12-19 09:47:44 +01:00
John Molakvoæ 6f994be665
Merge pull request #12766 from stalker314314/streaming-options
Expose Swift Mailer streaming options in config, fixes #12702
2018-12-18 07:53:45 +01:00
Branko Kokanovic 7cef9b0248 Addressing comments, array() to []
Signed-off-by: Branko Kokanovic <branko@kokanovic.org>
2018-12-17 23:34:55 +01:00
Roeland Jago Douma 514426e27d
Only trust the X-FORWARDED-HOST header for trusted proxies
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-17 15:54:45 +01:00
Joas Schilling 6788e6e75c
Merge pull request #12883 from nextcloud/appdata-performance
try to grab the appdata folder directly without going trough the whole tree
2018-12-17 15:11:28 +01:00
Joas Schilling 85a0e10b4f
Update the tests to the comparison logic
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-12-17 13:52:09 +01:00
Robin Appelman d6bf5d4384
upload new files in objectstore to a .part path first
This prevent the object store and cache from getting out of sync
when an objectstore silently fails or the php process get's killed
during the upload without giving us the chance to cleanup

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-12-12 15:24:40 +01:00
Robin Appelman 6c9f2644cf
Add objectExists to objectstore interface
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-12-12 14:17:19 +01:00
Roeland Jago Douma 372f3d2a60
Remove deprecated functions from SecureRandom
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-07 19:33:32 +01:00
Roeland Jago Douma cfcce69272
Merge pull request #12897 from nextcloud/fix-unread-comment-icon-not-shown-for-the-sharee
Fix unread comment icon not shown for the sharee
2018-12-07 15:07:23 +01:00